From: Patrick McHardy <kaber@trash.net>
To: Harald Welte <laforge@netfilter.org>
Cc: Netfilter Development Mailinglist <netfilter-devel@lists.netfilter.org>
Subject: Re: [PATCH 4/4] first conntrack ID must be 1 not 2
Date: Thu, 06 Apr 2006 13:02:18 +0200 [thread overview]
Message-ID: <4434F53A.2030302@trash.net> (raw)
In-Reply-To: <20060401193138.GG11031@sunbeam.de.gnumonks.org>
[-- Attachment #1: Type: text/plain, Size: 645 bytes --]
Harald Welte wrote:
> So if there's now a majority of people who want to delete the ID: Go for
> it :)
Found the patch again. What it does is:
- note entry of next conntrack to be dumped and keep a reference to it
- when continuing, look for the conntrack and continue at it if its
still there
- if not, dump the entire bucket again
In theory we could end up in an endless loop if the conntrack entry
we're keeping the reference to is deleted everytime we want to
continue dumping. It shouldn't be triggerable intentionally because
of the jenkins hash though. If there are no objections I'll port
it to nf_conntrack_netlink and submit it.
[-- Attachment #2: x --]
[-- Type: text/plain, Size: 1853 bytes --]
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c
index e0b5926..5a1769d 100644
--- a/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -387,38 +387,52 @@ nfattr_failure:
static int ctnetlink_done(struct netlink_callback *cb)
{
DEBUGP("entered %s\n", __FUNCTION__);
+ if (cb->args[1])
+ ip_conntrack_put(cb->args[1]);
return 0;
}
static int
ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
{
- struct ip_conntrack *ct = NULL;
+ struct ip_conntrack *ct;
struct ip_conntrack_tuple_hash *h;
struct list_head *i;
- u_int32_t *id = (u_int32_t *) &cb->args[1];
DEBUGP("entered %s, last bucket=%lu id=%u\n", __FUNCTION__,
cb->args[0], *id);
read_lock_bh(&ip_conntrack_lock);
- for (; cb->args[0] < ip_conntrack_htable_size; cb->args[0]++, *id = 0) {
+ for (; cb->args[0] < ip_conntrack_htable_size; cb->args[0]++) {
+restart:
list_for_each_prev(i, &ip_conntrack_hash[cb->args[0]]) {
h = (struct ip_conntrack_tuple_hash *) i;
if (DIRECTION(h) != IP_CT_DIR_ORIGINAL)
continue;
ct = tuplehash_to_ctrack(h);
- if (ct->id <= *id)
- continue;
+ if (cb->args[1]) {
+ if (ct == cb->args[1]) {
+ ip_conntrack_put(cb->args[1]);
+ cb->args[1] = NULL;
+ } else
+ continue;
+ }
if (ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).pid,
cb->nlh->nlmsg_seq,
IPCTNL_MSG_CT_NEW,
- 1, ct) < 0)
+ 1, ct) < 0) {
+ nf_conntrack_get(&ct->ct_general);
+ cb->args[1] = ct;
goto out;
- *id = ct->id;
+ }
+ }
+ if (cb->args[1]) {
+ ip_conntrack_put(cb->args[1]);
+ cb->args[1] = NULL;
+ goto restart;
}
}
-out:
+out:
read_unlock_bh(&ip_conntrack_lock);
DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id);
next prev parent reply other threads:[~2006-04-06 11:02 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-02-13 2:41 [PATCH 4/4] first conntrack ID must be 1 not 2 Pablo Neira Ayuso
2006-02-13 11:20 ` Harald Welte
2006-02-16 8:33 ` Patrick McHardy
2006-02-16 8:47 ` Jozsef Kadlecsik
2006-02-16 9:02 ` Patrick McHardy
2006-02-16 9:11 ` Jozsef Kadlecsik
2006-02-16 9:14 ` Patrick McHardy
2006-02-16 9:36 ` Jozsef Kadlecsik
2006-02-16 20:09 ` Patrick McHardy
2006-02-17 8:18 ` Jozsef Kadlecsik
2006-02-17 8:45 ` Martin Josefsson
2006-02-17 9:30 ` Jozsef Kadlecsik
2006-02-17 18:41 ` Jozsef Kadlecsik
2006-03-04 16:23 ` Hashtrie testing (was: Re: [PATCH 4/4] first conntrack ID must be 1 not 2) Martin Josefsson
2006-03-05 9:49 ` Jozsef Kadlecsik
2006-03-05 13:24 ` Martin Josefsson
2006-03-04 20:11 ` Hashtrie testing2 " Martin Josefsson
2006-03-05 11:24 ` Jozsef Kadlecsik
2006-03-05 17:48 ` Martin Josefsson
2006-03-06 13:15 ` Jozsef Kadlecsik
2006-03-07 18:33 ` Martin Josefsson
2006-03-08 6:34 ` Patrick Schaaf
2006-03-12 18:49 ` Martin Josefsson
2006-03-14 11:35 ` Jozsef Kadlecsik
2006-03-23 11:27 ` Jozsef Kadlecsik
2006-03-23 21:07 ` Martin Josefsson
2006-03-25 8:39 ` Jozsef Kadlecsik
2006-03-28 12:26 ` Jozsef Kadlecsik
2006-03-30 8:28 ` Hashtrie testing2, dancing trees Amin Azez
2006-03-31 18:43 ` Jozsef Kadlecsik
2006-02-17 8:50 ` [PATCH 4/4] first conntrack ID must be 1 not 2 Patrick McHardy
2006-03-30 8:31 ` Amin Azez
2006-03-31 1:11 ` Patrick McHardy
2006-03-31 18:35 ` Jozsef Kadlecsik
2006-03-31 18:44 ` Patrick McHardy
2006-04-01 19:31 ` Harald Welte
2006-04-06 11:02 ` Patrick McHardy [this message]
2006-04-11 16:09 ` Amin Azez
2006-04-11 16:17 ` Patrick McHardy
[not found] ` <443CA579.3030908@ufomechanic.net>
2006-04-12 18:30 ` Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4434F53A.2030302@trash.net \
--to=kaber@trash.net \
--cc=laforge@netfilter.org \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.